Monday, 22 May 2017

The security company Proofpoint recently observed a "very large-scale" attack in which, instead of encrypting users' data and asking for ransom, the attacker silently installs a cryptocurrency miner on the victims' computers.

"We don't know how big it is" but "it's much bigger than WannaCry",

"We have seen that before -- malwares mining cryptocurrency -- but not this scale,"

While the world was busy calling the WannaCry ransomware the biggest cyber attack of all time, after over 150,000 cyber attacks were reported across 75 nations, another cyber attack, much bigger than WannaCry, was sneaking in the corners.

Proofpoint claimed that the attack uses “EternalBlue and DoublePulsar exploits, both of which come from a recently released cache of NSA’s hacking tools”. The attackers install a program called Adylkuzz, which mines the Monero cryptocurrency and sends it to its owners, reported Mashable. While mining, the attacker uses the computer’s resources (its processor and/or graphics card) to perform complicated calculations, which create new Monero coins. While running such a program on a single computer would not earn much money, attacking many computers in such a manner would be very beneficial for the attacker. It is not yet clear who is behind the attack.

Proofpoint also claimed that the Adylkuzz attack likely predates the WannaCry attack by several weeks, and possibly affects “hundreds of thousands of PCs and servers worldwide”. While it doesn’t encrypt data, and many users never even learn about it, it is silently making a profit from the computers it has attacked.

It does affect your computers. How? It slows down computers and thus slows down businesses. Adylkuzz only attacks older, unpatched versions of Windows. What can one do to protect oneself from the attack? One way you can protect yourself from such an attack is by installing the latest security update and not installing any pirated versions.

Proofpoint also claims that the attackers have been earning a lot from the attacks. The system has been set up in a way that avoids paying too many Monero to a single address. Several addresses, however, have received $7,000, $14,000, and $22,000.

On May 12, WannaCry ransomware carried out over 200,000 cyber attacks in over 150 countries, when systems were brought to their knees, locked down by an outbreak of WannaCry ransomware raging across the Internet. The software, called WannaCry, which exploited security weaknesses across countries, encrypted files and demanded a certain amount of money to unlock them. The WannaCry attack led to the shutting down of hospitals, universities, warehouses, ATMs and banks.